03bf7f08e4430cdbdf7105282b7adfcf

Sharing

Copy URL Twitter E-mail

General

Target

03bf7f08e4430cdbdf7105282b7adfcf
Size

120KB
MD5

03bf7f08e4430cdbdf7105282b7adfcf
SHA1

909609a8652e7732dd4111aa91d73defd67f3a70
SHA256

40de9586fd263f06e86ae421658bf081a12cc65a12705934140f10786536289f
SHA512

162ac9910d15d67c2028a1b520928c63483d3e2426238b3b070218b14b0af1d70c509a20932eee077923e958cf1ce289da3d30c1f33928629a51a944d5ebf6f7
SSDEEP

1536:8+2KV6QQN5go2zJTGJj/Z2mgIi9e5fs9OaLtX0twQq2ql8TPBHomWDHK1O39:8+2YU5gvqTIubUlEbq2ql8ThomgKk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03bf7f08e4430cdbdf7105282b7adfcf

Files

03bf7f08e4430cdbdf7105282b7adfcf
.dll regsvr32 windows:4 windows x86 arch:x86

1a5f8ecf02d76df0b2d81313134484df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockFile
UnlockFile
SetEndOfFile
MultiByteToWideChar
lstrlenA
lstrcpyA
FindClose
FindFirstFileA
GetVolumeInformationA
lstrcpynA
GetFullPathNameA
lstrcmpiA
SetLastError
GetFileAttributesA
GetFileSize
GetFileTime
WideCharToMultiByte
lstrcatA
LocalAlloc
CloseHandle
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
FileTimeToSystemTime
FileTimeToLocalFileTime
ResumeThread
GetCurrentThreadId
lstrcmpA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
CreateThread
ExitThread
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
GetModuleHandleA
FreeLibrary
MoveFileA
GetSystemDirectoryA
GetPrivateProfileIntA
GetLastError
DeleteFileA
GetSystemTime
EnterCriticalSection
LeaveCriticalSection
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
DisableThreadLibraryCalls
Sleep
LocalFree
GetCurrentProcessId

user32

GetPropA
SetPropA
GetClassLongA
DestroyWindow
GetDlgCtrlID
GetWindowTextA
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
SetWindowTextA
LoadCursorA
CallWindowProcA
ReleaseDC
GetDC
PtInRect
ClientToScreen
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
SystemParametersInfoA
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
LoadStringA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
GetSystemMetrics
CharUpperA
RemovePropA
GetMessageTime
GetClassNameA
GetWindowThreadProcessId
EnumWindows
UpdateWindow
ShowWindow
SetWindowPos
GetMessagePos
GetWindow
RegisterWindowMessageA
GetSysColorBrush
FindWindowExA
PostMessageA
GetCursorPos
DefWindowProcA
PostQuitMessage
FindWindowA
RegisterClassExA
GetForegroundWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
GetMessageA
TranslateMessage
DispatchMessageA
SetTimer
SendMessageA
IsIconic
GetWindowPlacement
SetForegroundWindow

oleaut32

LoadRegTypeLi
SysStringLen
SysFreeString

urlmon

URLDownloadToFileA

comctl32

ord17

atl

ord31
ord23
ord21
ord16
ord15
ord30
ord18
ord57
ord32
ord58

wininet

InternetCloseHandle
InternetGetConnectedState
InternetOpenA
InternetConnectA
FtpGetFileA

gdi32

ScaleViewportExtEx
SetViewportOrgEx
SetMapMode
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetViewportExtEx
GetStockObject
SelectObject
RestoreDC
OffsetViewportOrgEx
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SetWindowExtEx
ScaleWindowExtEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a5f8ecf02d76df0b2d81313134484df

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

urlmon

comctl32

atl

wininet

gdi32

winspool.drv

comdlg32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 10KB